• Supplier hosts the Supplier Data
• Supplier is a Sub-processor of Client Information
• Client Information includes Personal Data
• The Sub-processor is located in Singapore
• The Sub-processor is located outside of the EEA
• Where GDPR applies to the End User, the End User must rely on a derogation to transfer Client Information to the Sub-processor who uses further Sub-processors based outside of the EEA in accordance with Article 49 GDPR
• The End User must not provide Personal Data belonging to EEA Data Subjects for sub-processing by this Data Supplier

The Supplier Data that GBG uses to provide Singapore Credit is supplied by GBG’s Data Supplier. GBG is obliged under the terms of its agreement with its Data Supplier to ensure that all End Users agree to comply with the following provisions:

1. DEFINITIONS
1.1. In these Additional Terms, the following definitions shall apply, in addition to the definitions set out in the General Terms:
“Permitted Purpose” means the verification and authentication of an individual’s identity only and solely for the End User’s internal business use.

2. USE OF THE SUPPLIER DATA
2.1 The End User may only use the Supplier Data for the Permitted Purpose in accordance with these terms.
2.2 The End User acknowledges that the Supplier Data is provided “as is” without any warranties of any kind, whether express or implied. The Data Supplier is reliant on third parties therefore it is not possible for the Data Supplier to guarantee the accuracy of Supplier Data.
2.3 The End User agrees to indemnify GBG against any losses, damages, claims or liabilities of any kind arising from the negligence, wilful act or omission of, breach of these terms or the General Terms, or unauthorised use of the Supplier Data by the End User or End User’s representatives subject to the following caveats:
(a) GBG makes no statement prejudicial to the End User;
(b) Such claim is not caused by or contributed to by acts of GBG;
(c) The End User is promptly notified in writing of the details of the claim;
(d) The End User has sole control of the defence of such claim and all related settlement negotiations;
(e) GBG gives the End User all reasonable assistance at the End User ‘s expense in connection with it;
(f) GBG takes all steps to mitigate the losses, costs, damages, liabilities, fees and expenses it may incur and
(g) The End User shall not in any circumstances be liable for any loss of profits, goodwill or any type of special, indirect or consequential loss, even if reasonably foreseeable, or clearly anticipated.

3. DATA PROTECTION AND COMPLIANCE WITH RELEVANT LAWS
3.1 The Supplier Data used to provide this element of the Service is hosted by the Data Supplier. In order to perform the Services, the Data Supplier shall act as Sub-processor of Client Information (including any Personal Data supplied) for the sole purpose of delivering this element of the Service. The End User authorises GBG to appoint the Data Supplier as Sub-Processor for the purposes specified in this clause 3.1.
3.2 The Data Supplier is based in Singapore, which is located outside of the EEA. Where GDPR applies to the End User, the End User acknowledges that prior to submitting Client Information to GBG for processing it shall determine, and is solely liable for ensuring that it can rely on a derogation to transfer Client Information to the Sub-processor based outside of the EEA in accordance with Article 49 GDPR.
3.3 The End User warrants that it shall not provide Personal Data belonging to EEA Data Subjects for sub-processing by this Data Supplier.

4. TERMINATION
4.1 Notwithstanding the termination provisions between GBG and the Client in the General Terms, under the terms of GBG’s agreement with its Data Supplier, the supply of the Supplier Data may be terminated by GBG providing the Client with 4 months’ prior written notice.